1.0.7 • Published 7 years ago
passport-mhealthlabs v1.0.7
Provides support for labs-login server private for uphs health system
There is a sessions middleware (called sessionsMiddleware) and passport.
There are three steps to getting it working. 1) Set up passport with your oauth credentials and pass in your apps url and database 2) Set up a collection in mongodb to store your sessions. (This is optional. You can use an alternative session system if you prefer, but this one works with mongodb and express-session) 3) Use the above in your app 4) Add the /login, /logout and callback paths to your app
in lib/passport.js
import { mhealthPassport } from 'passport-mhealthlabs';
import { myDatabase } from './databases';
import { mhealthId, mhealthSecret, rootURL } from 'configs';
export default mhealthPassport({
mhealthId,
mhealthSecret,
rootURL,
usersCollection: myDatabase.users //the collection you have for users
})
in lib/sessions.js
import { sessionsMiddleware } from 'passport-mhealthlabs';
export default sessionsMiddleware({
dbURI: 'mongodb://localhost:27017/' + myDatabase,
collection: 'userSessions', // collection to store sessions in
secret: 'asecret' //a random string, should be unique per app. see express-session documentation
});
in server.js
import express from 'express';
import passport from './lib/passport';
import sessions from './lib/sessions'; //middleware
const app = express();
app.use(passport.initialize());
app.use(passport.session());
//define the login, logout and callback routes. code below can be used
app.get('/login', passport.authenticate('oauth2'));
app.get('/users/auth/mhealth/callback', passport.authenticate('oauth2', {
successRedirect: '/loggedIn', //logged in path
failureRedirect: '/' //path for signing in or root path
}));
app.get('/logout', (req, res, next) => {
if (req.session && req.session.destroy) {
req.session.destroy();
console.log('destroyed session');
}
res.redirect('/');
});
// to require authentication on any path, just include sessions as middleware
app.use('/loggedIn', sessions, loggedInController);
app.use('/public', publicController); // paths without sessions will not require authentication
Use in your own middleware/routes
- user can be obtained in middleware with req.user or req.session. See documentation of express-session